CVE-2017-15099

Published: Nov 22, 2017Modified: May 13, 2026

6.5

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

INSERT ... ON CONFLICT DO UPDATE commands in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, and 9.5.x before 9.5.10 disclose table contents that the invoker lacks privilege to read. These exploits affect only tables where the attacker lacks full read access but has both INSERT and UPDATE privileges. Exploits bypass row level security policies and lack of SELECT privilege.

Affected (18)

Products: Postgresql: Postgresql · Debian: Debian Linux

1 product

1 product

Configuration A

17 vulnerable

Vulnerable Software	Affected Versions
Postgresql Postgresql	Version 10.0
Postgresql Postgresql	Version 9.5.1
Postgresql Postgresql	Version 9.5.2
Postgresql Postgresql	Version 9.5.3
Postgresql Postgresql	Version 9.5.4
Postgresql Postgresql	Version 9.5.5
Postgresql Postgresql	Version 9.5.6
Postgresql Postgresql	Version 9.5.7
Postgresql Postgresql	Version 9.5.8
Postgresql Postgresql	Version 9.5.9
Postgresql Postgresql	Version 9.5
Postgresql Postgresql	Version 9.6.1
Postgresql Postgresql	Version 9.6.2
Postgresql Postgresql	Version 9.6.3
Postgresql Postgresql	Version 9.6.4
Postgresql Postgresql	Version 9.6.5
Postgresql Postgresql	Version 9.6

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 9.0

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (14)

http://www.securityfocus.com/bid/101781

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1039752

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

https://access.redhat.com/errata/RHSA-2018:2511

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2018:2566

Source: secalert@redhat.com

https://www.debian.org/security/2017/dsa-4028

Source: secalert@redhat.com

Issue TrackingThird Party Advisory

https://www.postgresql.org/about/news/1801/

Source: secalert@redhat.com

Issue TrackingVendor Advisory

https://www.postgresql.org/support/security/

Source: secalert@redhat.com

Issue TrackingVendor Advisory

http://www.securityfocus.com/bid/101781

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1039752

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://access.redhat.com/errata/RHSA-2018:2511

Source: af854a3a-2127-422b-91ae-364da2661108

https://access.redhat.com/errata/RHSA-2018:2566

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.debian.org/security/2017/dsa-4028

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party Advisory

https://www.postgresql.org/about/news/1801/

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingVendor Advisory

https://www.postgresql.org/support/security/

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingVendor Advisory

Timeline

No history available yet.